11

2024-07-09 11:29:50 +08:00 · 2024-07-09 11:29:50 +08:00 · 9ede888e5b
parent 989fb55055
commit 9ede888e5b
7 changed files with 19 additions and 125 deletions
--- a/docker/base-dm/Dockerfile
+++ b/docker/base-dm/Dockerfile
@ -11,7 +11,7 @@ RUN useradd -m -s /bin/bash dmdba \
    && rm -rf /config/* /tmp/* /var/lib/apt/lists/* /var/tmp/*
 WORKDIR /home/dmdba
-# 下载安装包并解压
+# 下载安装包并解压 删除掉之后无用的软件包，节约空间
 RUN wget https://download.dameng.com/eco/adapter/DM8/202405/dm8_20240408_x86_rh7_64_ent_8.1.3.140.zip --no-check-certificate \
    && unzip dm8_20240408_x86_rh7_64_ent_8.1.3.140.zip \
    && chown -R dmdba:dmdba /home/dmdba \
@ -22,4 +22,8 @@ RUN wget https://download.dameng.com/eco/adapter/DM8/202405/dm8_20240408_x86_rh7
    && apt-get remove -y p7zip-full unzip wget \ 
    && usermod -aG sudo dmdba
 USER dmdba
 # 使用中文
 ENV LANG=zh_CN.utf-8 
 CMD ["/bin/bash", "-e"]
--- a/docker/code-server/Dockerfile
+++ b/docker/code-server/Dockerfile
@ -1,4 +1,5 @@
-#code-server
+# 参考https://github.com/linuxserver/docker-code-server/blob/master/Dockerfile
 #     https://github.com/linuxserver/docker-baseimage-ubuntu/blob/jammy/Dockerfile
 FROM build-dmpython
 ENV DEBIAN_FRONTEND="noninteractive"
@ -6,7 +7,7 @@ WORKDIR /home/dmdba
 USER root
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    git jq libatomic1 nano net-tools netcat python3-pip nodejs npm curl sudo catatonit \
+    git jq libatomic1 net-tools netcat python3-pip curl sudo catatonit libssl-dev \
    cron \
    curl \
    gnupg \
@ -21,9 +22,10 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
    && apt-get clean \
    && rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/* \
    && pip3 install /home/dmdba/build_artifacts/dmPython-2.5.5-cp310-cp310-linux_x86_64.whl \
-    && rm /home/dmdba/build_artifacts/dmPython-2.5.5-cp310-cp310-linux_x86_64.whl
+    && rm /home/dmdba/build_artifacts/dmPython-2.5.5-cp310-cp310-linux_x86_64.whl \
    && cp /home/dmdba/build_artifacts/libdmdpi.so /usr/lib/
-# set environment variables
+# 设置环境变量
 ENV HOME="/root" \
  LANGUAGE="en_US.UTF-8" \
  LANG="en_US.UTF-8" \
@ -35,17 +37,18 @@ ENV HOME="/root" \
  PATH="/lsiopy/bin:$PATH" \
  HOME="/config"
-# set version for s6 overlay
+# 设置环境变量 s6 overlay
 ARG S6_OVERLAY_VERSION="3.1.6.2"
 ARG S6_OVERLAY_ARCH="x86_64"
-# add s6 overlay
+# 解压
 ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
 RUN tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz
 ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${S6_OVERLAY_ARCH}.tar.xz /tmp
 RUN tar -C / -Jxpf /tmp/s6-overlay-${S6_OVERLAY_ARCH}.tar.xz
 ADD https://nodejs.org/dist/v20.15.0/node-v20.15.0-linux-x64.tar.xz /tmp
 RUN tar -C / -Jxpf /tmp/node-v20.15.0-linux-x64.tar.xz --strip-components 1 --keep-old-files
 # add s6 optional symlinks
 ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz /tmp
 RUN tar -C / -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz
 ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz /tmp
@ -56,7 +59,8 @@ RUN tar -C / -Jxpf /tmp/s6-overlay-symlinks-arch.tar.xz && \
        /app \
        /config \
        /defaults \
-        /lsiopy 
+        /lsiopy && \
    rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/* 
 ARG MODS_VERSION="v3"
 ARG PKG_INST_VERSION="v1"
@ -66,8 +70,8 @@ ADD --chmod=744 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-s
 ADD --chmod=744 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/lsiown.${LSIOWN_VERSION}" "/usr/bin/lsiown"
-# add local files
+# 添加本地目录
 COPY /root /
-# ports and volumes
+# 端口
 EXPOSE 5000 3000 8443
 ENTRYPOINT ["/init"]
--- a/docker/nginx/Dockerfile
+++ b/docker/nginx/Dockerfile
@ -1,32 +0,0 @@
 FROM nginx:1.19.7-alpine
 # Add bash for boot cmd
 RUN apk add bash
 # Add nginx.conf to container
 COPY --chown=nginx:nginx nginx.conf /etc/nginx/nginx.conf
 COPY --chown=nginx:nginx start.sh /app/start.sh
 # set workdir
 WORKDIR /app
 # permissions and nginx user for tightened security
 RUN chown -R nginx:nginx /app && chmod -R 755 /app && \
        chown -R nginx:nginx /var/cache/nginx && \
        chown -R nginx:nginx /var/log/nginx && \
        chmod -R 755 /var/log/nginx; \
        chown -R nginx:nginx /etc/nginx/conf.d
 RUN touch /var/run/nginx.pid && chown -R nginx:nginx /var/run/nginx.pid
 # # Uncomment to keep the nginx logs inside the container - Leave commented for logging to stdout and stderr
 # RUN mkdir -p /var/log/nginx
 # RUN unlink /var/log/nginx/access.log \
 #     && unlink /var/log/nginx/error.log \
 #     && touch /var/log/nginx/access.log \
 #     && touch /var/log/nginx/error.log \
 #     && chown nginx /var/log/nginx/*log \
 #     && chmod 644 /var/log/nginx/*log
 USER nginx
 CMD ["nginx", "-g", "'daemon off;'"]
--- a/docker/nginx/default.conf
+++ b/docker/nginx/default.conf
@ -1,29 +0,0 @@
 proxy_cache_path /tmp/cache levels=1:2 keys_zone=cache:10m max_size=500m inactive=60m use_temp_path=off;
 server {
  listen 80;
  location / {
    proxy_pass http://$FLASK_SERVER_ADDR;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
  location /cache-me {
    proxy_pass http://$FLASK_SERVER_ADDR;
    proxy_cache cache;
    proxy_cache_lock on;
    proxy_cache_valid 200 30s;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    proxy_cache_revalidate on;
    proxy_cache_background_update on;
    expires 20s;
  }
  location /health-check {
    add_header Content-Type text/plain;
    return 200 "success";
  }
 }
--- a/docker/nginx/nginx.conf
+++ b/docker/nginx/nginx.conf
@ -1,50 +0,0 @@
 worker_processes auto;
 pid        /var/run/nginx.pid;
 events {
    worker_connections  1024;
 }
 http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    # Define the format of log messages.
    log_format  main_ext  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" '
                      '"$host" sn="$server_name" '
                      'rt=$request_time '
                      'ua="$upstream_addr" us="$upstream_status" '
                      'ut="$upstream_response_time" ul="$upstream_response_length" '
                      'cs=$upstream_cache_status' ;
    access_log  /var/log/nginx/access.log main_ext;
    error_log  /var/log/nginx/error.log warn;
    sendfile        on;
    keepalive_timeout  65;
    # Enable Compression
    gzip  on;
    # Disable Display of NGINX Version
    server_tokens off;
    # Size Limits
    client_body_buffer_size 10K;
    client_header_buffer_size 1k;
    client_max_body_size 8m;
    large_client_header_buffers 2 1k;
    # # SSL / TLS Settings - Suggested for Security
    # ssl_protocols TLSv1.2 TLSv1.3;
 	# ssl_session_timeout 15m;
 	# ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
 	# ssl_prefer_server_ciphers on;
 	# ssl_session_tickets off;
    include /etc/nginx/conf.d/*.conf;
 }
--- a/docker/nginx/start.sh
+++ b/docker/nginx/start.sh
@ -1,2 +0,0 @@
 #!/bin/bash
 envsubst '$FLASK_SERVER_ADDR' < /tmp/default.conf > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'
--- a/docker/ssh-server/Dockerfile
+++ b/docker/ssh-server/Dockerfile
@ -1 +0,0 @@
 FROM base-dm
		`@ -1,2 +0,0 @@`
			`#!/bin/bash`
			`envsubst '$FLASK_SERVER_ADDR' < /tmp/default.conf > /etc/nginx/conf.d/default.conf && nginx -g 'daemon off;'`